SSL Server self-signed certificate

Question

Hi everyone,&nbsp;
 &nbsp;
I have an issue getting a VIP set up.  I'd like to have it so that users can go to a simple URL (e.g. http://callmanager) which would resolve in DNS to the VIP address.  I'd like the F5 to be able to take that HTTP request and initiate a HTTPS session to the Call Manager servers on a specific URL.  So ideally, all HTTPS traffic remains between the Call Manager web server and the F5 box and the client only has to worry about HTTP traffic.  One other kink in the whole mess is that the Call Manager web server utilizes a self-signed certificate.  Can anyone provide some assistance?  Thanks in advance.&nbsp;
 &nbsp;

hamish · Answer

Yes. Thats possible. Its essentially ssl offload in reverse.   
&nbsp;  
&nbsp; The self signed cert between f5 and callmanager won't matter to bigip by default. Just create a standard host virtual sever and add a serverssl profile to it (the default one named serverssl will work fine) 
&nbsp;  
&nbsp; Worst case yo will have to do some rewriting. That could be from none to needing something like the ProxyPass iRule. Or some simple stream based translation.. Ymmv. 
&nbsp;  
&nbsp;  
&nbsp; H

Forum Discussion

SSL Server self-signed certificate

1 Reply

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Web Services, SSL, and self-signed server certificates

Changing self-signed device certificate impact

Trouble applying GoDaddy certificate to a virtual server

Re: Management Certificate

My Security+ Certification Journey